package com.cd.university.controller;

import com.cd.university.common.RestResult;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;

/**
 * @author 陈栋
 * @create 2021/9/15 14:27
 */
@RestController
@RequestMapping("/per")
@Api("权限测试接口")
public class PermissionController {

    @PostMapping("/sel")
    @ApiOperation("权限查询")
    public RestResult preSel(Authentication authentication) {
        System.out.println(authentication.getAuthorities());
        return RestResult.success("该用户具有查询权限");
    }

    @GetMapping("/del")
    @ApiOperation("权限删除")
    public RestResult preDel() {
        return RestResult.success("该用户具有删除权限");
    }

    @GetMapping("/upd")
    @ApiOperation("权限修改")
    public RestResult preUpd() {
        return RestResult.success("该用户具有修改权限");
    }

    @GetMapping("/role")
    public RestResult preRole() {
        return RestResult.success("该用户是学生");
    }

    @PostMapping("/update")
    public RestResult updateFile(@RequestParam("file")MultipartFile file) {
        if (file.isEmpty()) {
            return RestResult.failure("文件为空");
        }

        return RestResult.success()
                .put("fileName",file.getOriginalFilename());
    }

    @GetMapping("/admin")
    @PreAuthorize("hasAnyAuthority('超级管理员')")
    public RestResult adminTest() {
        return RestResult.success("恭喜超级管理员");
    }
}
